WordPress W3 Total Cache < 0.9.4.1 XSS Vulnerability - Active Check

WordPress W3 Total Cache is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

W3TotalFail: W3 Total Cache v 0.9.4 CSRF Vulnerability that Leads to Full Deface

Title: W3TotalFail: W3 Total Cache v 0.9.4 CSRF Vulnerability that Leads to Full Deface Author: Mazin Ahmed Date of Discovering: October 6th, 2014 Date of Reporting to the Vendor: October 7th, 2014 Date of Releasing a Patch: December 9th, 2014 Vulnerability Type: Cross-Site Request Forgery CSRF -...

secuvera-SA-2014-01: Reflected XSS in W3 Total Cache

secuvera-SA-2014-01: Reflected XSS in W3 Total Cache Affected Products W3 Total Cache 0.9.4 older releases have not been tested "The only WordPress Performance Optimization WPO framework; designed to improve user experience and page speed. .. W3 Total Cache improves the user experience of your si...

CVE-2014-8724

Cross-site scripting XSS vulnerability in the W3 Total Cache plugin before 0.9.4.1 for WordPress, when debug mode is enabled, allows remote attackers to inject arbitrary web script or HTML via the "Cache key" in the HTML-Comments, as demonstrated by the PATHINFO to the default URI...

Cross site scripting

Cross-site scripting XSS vulnerability in the W3 Total Cache plugin before 0.9.4.1 for WordPress, when debug mode is enabled, allows remote attackers to inject arbitrary web script or HTML via the "Cache key" in the HTML-Comments, as demonstrated by the PATHINFO to the default URI...

CVE-2014-8724

Cross-site scripting XSS vulnerability in the W3 Total Cache plugin before 0.9.4.1 for WordPress, when debug mode is enabled, allows remote attackers to inject arbitrary web script or HTML via the "Cache key" in the HTML-Comments, as demonstrated by the PATHINFO to the default URI...

CVE-2014-8724

CVE-2014-8724 affects the WordPress plugin W3 Total Cache up to version before 0.9.4.1 . The root cause is improper sanitization of user-supplied input in the HTML comments for the Cache key when the page cache debug info is enabled, allowing a reflected XSS scenario via PATH_INFO to the default ...

PT-2014-8691 · Frederick Townes · W3 Total Cache

Name of the Vulnerable Software and Affected Versions: W3 Total Cache plugin versions prior to 0.9.4.1 Description: The issue is related to a cross-site scripting XSS vulnerability. It allows remote attackers to inject arbitrary web script or HTML via the Cache key in the HTML-Comments when debug...

W3 Total Cache 0.9.4 Cross Site Scripting

secuvera-SA-2014-01: Reflected XSS in W3 Total Cache Affected Products W3 Total Cache 0.9.4 older releases have not been tested "The only WordPress Performance Optimization WPO framework; designed to improve user experience and page speed. .. W3 Total Cache improves the user experience of your si...

W3 Total Cache <= 0.9.4 - Debug Mode XSS

If debug mode is enabled an XSS vector exists in the HTML comments...

W3 Total Cache 0.9.4 Cross Site Request Forgery

Title: W3TotalFail: W3 Total Cache v 0.9.4 CSRF Vulnerability that Leads to Full Deface Author: Mazin Ahmed Date of Discovering: October 6th, 2014 Date of Reporting to the Vendor: October 7th, 2014 Date of Releasing a Patch: December 9th, 2014 Vulnerability Type: Cross-Site Request Forgery CSRF -...

WordPress W3 Total Cache Plugin <= 0.9.4 - XSS

Because of this vulnerability, the attackers can inject arbitrary web script or HTML via the "Cache key" in the HTML-Comments. Solution Update the plugin...

W3 Total Cache 0.9.4 - Edge Mode Enabling CSRF

The W3 Total Cache WordPress plugin was affected by an Edge Mode Enabling CSRF security vulnerability...

WordPress W3 Total Cache plugin <= 0.9.4 - Cross-Site Request Forgery (CSRF) vulnerability

WordPress W3 Total Cache plugin's "admin.php" is prone to a cross-site request forgery vulnerability. It allows an attacker to gain unauthorized access to the affected application by performing certain actions in the context of an authorized user's session. Solution Update the WordPress W3 Total...

WordPress Plugin W3 Total Cache - admin.php Cross-Site Request Forgery

WordPress Plugin W3 Total Cache - admin.php Cross-Site Request Forgery source: https://www.securityfocus.com/bid/69745/info W3 Total Cache plugin for WordPress is prone to a cross-site request-forgery vulnerability. An attacker can exploit the cross-site request forgery issue to perform...

WordPress Plugin W3 Total Cache - &#039;admin.php&#039; Cross-Site Request Forgery

source: https://www.securityfocus.com/bid/69745/info W3 Total Cache plugin for WordPress is prone to a cross-site request-forgery vulnerability. An attacker can exploit the cross-site request forgery issue to perform unauthorized actions in the context of a logged-in user of the affected...

W3 Total Cache 0.9.2.4 - Username & Hash Extract

The W3 Total Cache WordPress plugin was affected by an Username & Hash Extract security vulnerability...

Wordpress W3 Total Cache PHP Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

W3 Total Cache Plugin Remote Code Execution

Remote code execution vulnerability in W3 Total Cache Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...

W3-Total-Cache Wordpress-plugin Username and Hash Extract (CVE-2012-6077)

An information disclosure vulnerability has been reported in W3 Total Cache Plugin for Wordpress...